Do you know any rust project as a nginx like webserver?
I mean a drop-in replacement for nginx?
Nginx is good but it’s implemented in C and it’s working with lots of untrusted inputs …is it safe for that purpose? can we implement a better one?
And I mean a completely similar webserver to nginx which works with existing configuration files and the user just need to replace nginx with that and everything working.

I was just thinking about this today too, on the back of the Cloudflare issue (not an nginx issue itself though, per se). It would be a lot of work to reimplement, but probably a fun project. Surprisingly (given its proliferation and being exposed to the wild web), (AFAIK) nginx hasn’t had many security issues.

the truth is nginx didn’t have many security issues but who knows what will happen tomorrow?
I personally use nginx myself and if I know there is a stable and safer software out there which I can use without re configuring all the stuff, I will replace my nginx without doubt.

the truth is nginx didn’t have many security issues but who knows what will happen tomorrow?I personally use nginx myself and if I know there is a stable and safer software out there which I can use without re configuring all the stuff , I will replace my nginx without doubt.

Right, a safer (by construction) but just as performant alternative would be great. I was merely pointing out that it’s somewhat impressive that it hasn’t been pwned more

I meant CPU architectures: various ARM variants and others. See https://forge.rust-lang.org/platform-support.html for a list of things where Rust does work, I am not sure there is a list of architectures where it doesn’t, but it wouldn’t be small.

This would be a massive undertaking. nginx has a significant number of features. I have thought about this as well, and with the hyper crate getting futures/tokio support soon, this will be even easier. But there is still a serious number of features to implement, so having a drop in replacement could take quite a bit of time.

It might be interesting to collect the most common use cases people have as an initial MVP/feature set and build towards that. I have been considering doing this for a custom layer4/7 router, but have yet to find a reason not to just use nginx…

No doubt this would be a lot of fun. I’m not suggesting at all that it wouldn’t be an awesome thing to start. I’m for Rust all the things!

I’ve wanted this myself, and for the specific use case I mentioned. The challenge I have is selling this project at work. I may have a reason to do it that involves implementing health monitors on the router for different nodes. This would be cool because of the ease of implementing state machines in Rust, it would be great for me.

The point I’m making is that if we can collect usecases, we can start working towards a common goal… I’ve decided to hold off until the hyper integration with tokio stabilizes before starting something like this.

Linking with C programs is where Rust shines, and in nginx the modules are the place where most complex and less-tested code lives. Cloudbleed was caused by a custom nginx module, not the nginx core itself.

Writing nginx modules in Rust might be better than in plain C.
However, without good wrapper of nginx API in Rust, it should be a lot of unsafe code, .
Maybe it could be a starting point of making nginx more safe (writing Rust wrapper for nginx API).